Peachtree Nerve Clinic discovered a 15-month breach while investigating a current ransomware incident, the Atlanta-based provider announced now.

While PNC officials didn’t disclose when the newest ransomware attack happened, its electronic health record system was encrypted through the virus. Rather of having to pay the ransomware, officials could restore the files and functionality from backup records.

Officials have since repeated system scans and located no further trace of ransomware. Further, there wasn’t any evidence herpes exfiltrated data.

However, this analysis uncovered another massive breach: A hacker had accessibility system between Feb 2016 to May 2017. Officials stated the potential data utilized through the online hackers could have names, Social Security figures, driver’s licenses, addresses, phone figures, medical data, prescriptions as well as medical health insurance data.

The analysis was not able to find out whether patient access was viewed or acquired. People are being notified from the breach and offering id theft protection services. PNC also reported the incident to police force.

“We take patient privacy seriously and therefore are very sorry for just about any concern or inconvenience this incident is responsible for or could cause to anybody that has been affected,” PNC Managing Partner Lawrence Seiden, MD, stated inside a statement.

Update This summer 24, 2017: Based on the Department of Health insurance and Human Services’ breach tool, 176,295 patients were influenced by the breach.